Nicolas Trippar

**Name of the Vulnerable Software and Affected Versions** Keybase versions prior to 2.12.6 **Description** The issue in Keybase allows one user of the system without root access to tamper with another's installs due to time-to-check-time-to-use bugs in the move RPC to the Helper. **Recommendations** For versions prior to 2.12.6, update to version 2.12.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 54 Firefox ESR versions prior to 52.2 Thunderbird versions prior to 52.2 **Description** The issue is related to an out-of-bounds read vulnerability in the Opus encoder. This occurs when the number of channels in an audio stream changes while the encoder is in use, potentially allowing a remote attacker to cause a denial of service. **Recommendations** For Firefox versions prior to 54, update to version 54 or later. For Firefox ESR versions prior to 52.2, update to version 52.2 or later. For Thunderbird versions prior to 52.2, update to version 52.2 or later.